web-vulnerability-scanner_project

web-vulnerability-scannerprojec...

BYOT-CPS: A Hybrid Cyber-Physical Systems Testbed for IoT Security Assessment and Platform Evaluation

Internet of Things IoT security research continues to face a methodological gap between scalable virtual experimentation and realistic device behaviour. While pure simulation and emulation platforms provide control, repeatability, and scale, they do not fully reproduce firmware-specific behaviour...

Five Attacks on X402 Agentic Payment Protocol

The x402 protocol revives the HTTP 402 Payment Required status code to enable web-native micropayments across APIs, content, and agents. It combines synchronous HTTP authorization with asynchronous blockchain settlement and introduces a cross-layer attack surface absent from conventional web and...

FIRCE: A Framework for Intrusion Response and Conformal Evaluation

Machine learning-based intrusion detection systems deployed in real-world environments frequently suffer from model degradation due to concept drift, where changes in traffic patterns invalidate training assumptions. To address this, we present FIRCE, a Framework for Intrusion Response and...

From Spoofing to Trust: Emergency Alerts Spoofing Testbed and Cross-Cell Verification

Public warning systems PWS in cellular networks enable authorities to broadcast emergency alerts to all mobile phones in a geographic region in the event of threats such as earthquakes or severe weather. If an attacker can imitate these alerts and transmit a forged warning containing fake news or...

Security Implications of 5G Communication in Industrial Systems

Traditionally, industrial control systems ICS were designed without security in mind, prioritizing availability and real-time communication. As these systems increasingly become targets of powerful adversaries, security can no longer be neglected. Driven by flexibility and automation needs, ICS a...

DeepStage: Learning Autonomous Defense Policies against Multi-Stage APT Campaigns

This paper presents DeepStage, a deep reinforcement learning DRL framework for adaptive, stage-aware defense against Advanced Persistent Threats APTs. The enterprise environment is modeled as a partially observable Markov decision process POMDP, where host provenance and network telemetry are fus...

QuaNTUM: A Modular Quantum Communication Testbed for Scalable Fiber and Satellite Integration

Secure communication is essential for modern society, from financial transactions to critical infrastructure. As classical encryption faces threats from advancing computational power, quantum communication provides a fundamentally secure alternative based on physical laws. We present QuaNTUM...

Impact of 5G SA Logical Vulnerabilities on UAV Communications: Threat Models and Testbed Evaluation

This paper examines how logical vulnerabilities in 5G Standalone networks affect UAV command and control communication. The study looks at three attacker positions in the architecture: a malicious user equipment UE connected to the same logical network as the UAV, an attacker with access to the 5...

Knowledge-To-Data: LLM-Driven Synthesis of Structured Network Traffic for Testbed-Free IDS Evaluation

Realistic, large-scale, and well-labeled cybersecurity datasets are essential for training and evaluating Intrusion Detection Systems IDS. However, they remain difficult to obtain due to privacy constraints, data sensitivity, and the cost of building controlled collection environments such as...

Smart Surveillance: Identifying IoT Device Behaviours Using ML-Powered Traffic Analysis

The proliferation of Internet of Things IoT devices has grown exponentially in recent years, introducing significant security challenges. Accurate identification of the types of IoT devices and their associated actions through network traffic analysis is essential to mitigate potential threats. B...

Exploit for SQL Injection in Djangoproject Django

Django-CVE-2025-64459-Testbed A self-contained testbed for Dj...

StealthCup: Realistic, Multi-Stage, Evasion-Focused CTF for Benchmarking IDS

Intrusion Detection Systems IDS are critical to defending enterprise and industrial control environments, yet evaluating their effectiveness under realistic conditions remains an open challenge. Existing benchmarks rely on synthetic datasets e.g., NSL-KDD, CICIDS2017 or scripted replay frameworks...

MCIR

The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. It is a collection of tools designed to demonstrate various types of code injection vulnerabilities, including SQL injection, XML/XPath/XSL injection, Cross-Site Scripting XSS, and shell...

Asymmetry Vulnerability and Physical Attacks on Online Map Construction for Autonomous Driving

High-definition maps provide precise environmental information essential for prediction and planning in autonomous driving systems. Due to the high cost of labeling and maintenance, recent research has turned to online HD map construction using onboard sensor data, offering wider coverage and mor...

Towards Principled Analysis and Mitigation of Space Cyber Risks

Space infrastructures have become an underpinning of modern society, but their associated cyber risks are little understood. This Dissertation advances the state-of-the-art via four contributions. i It introduces an innovative framework for characterizing real-world cyber attacks against space...

Real-World Evaluation of Protocol-Compliant Denial-Of-Service Attacks on C-V2X-Based Forward Collision Warning Systems

Cellular Vehicle-to-Everything C-V2X technology enables low-latency, reliable communications essential for safety applications such as a Forward Collision Warning FCW system. C-V2X deployments operate under strict protocol compliance with the 3rd Generation Partnership Project 3GPP and the Societ...

VWAttacker: a Systematic Security Testing Framework for Voice over WiFi User Equipments

We present VWAttacker, the first systematic testing framework for analyzing the security of Voice over WiFi VoWiFi User Equipment UE implementations. VWAttacker includes a complete VoWiFi network testbed that communicates with Commercial-Off-The-Shelf COTS UEs based on a simple interface to test...

Testbed and Software Architecture for Enhancing Security in Industrial Private 5G Networks

In the era of Industry 4.0, the growing need for secure and efficient communication systems has driven the development of fifth-generation 5G networks characterized by extremely low latency, massive device connectivity and high data transfer speeds. However, the deployment of 5G networks presents...

Space Cybersecurity Testbed: Fidelity Framework, Example Implementation, and Characterization

Cyber threats against space infrastructures, including satellites and systems on the ground, have not been adequately understood. Testbeds are important to deepen our understanding and validate space cybersecurity studies. The state of the art is that there are very few studies on building...